mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-07-27 21:10:29 +00:00
Improve memory safety
This commit makes numerous refinements to cosmopolitan memory handling. The default stack size has been reduced from 2mb to 128kb. A new macro is now provided so you can easily reconfigure the stack size to be any value you want. Work around the breaking change by adding to your main: STATIC_STACK_SIZE(0x00200000); // 2mb stack If you're not sure how much stack you need, then you can use: STATIC_YOINK("stack_usage_logging"); After which you can `sort -nr o/$MODE/stack.log`. Based on the unit test suite, nothing in the Cosmopolitan repository (except for Python) needs a stack size greater than 30kb. There are also new macros for detecting the size and address of the stack at runtime, e.g. GetStackAddr(). We also now support sigaltstack() so if you want to see nice looking crash reports whenever a stack overflow happens, you can put this in main(): ShowCrashReports(); Under `make MODE=dbg` and `make MODE=asan` the unit testing framework will now automatically print backtraces of memory allocations when things like memory leaks happen. Bugs are now fixed in ASAN global variable overrun detection. The memtrack and asan runtimes also handle edge cases now. The new tools helped to identify a few memory leaks, which are fixed by this change. This change should fix an issue reported in #288 with ARG_MAX limits. Fixing this doubled the performance of MKDEPS.COM and AR.COM yet again.
This commit is contained in:
parent
a0b39f886c
commit
226aaf3547
317 changed files with 6474 additions and 3993 deletions
|
@ -1,53 +1,61 @@
|
|||
#ifndef COSMOPOLITAN_LIBC_INTRIN_ASAN_H_
|
||||
#define COSMOPOLITAN_LIBC_INTRIN_ASAN_H_
|
||||
#include "libc/calls/struct/iovec.h"
|
||||
#include "libc/macros.internal.h"
|
||||
|
||||
#define kAsanScale 3
|
||||
#define kAsanMagic 0x7fff8000
|
||||
#define kAsanHeapFree -1 /* F */
|
||||
#define kAsanStackFree -2 /* F */
|
||||
#define kAsanRelocated -3 /* R */
|
||||
#define kAsanHeapUnderrun -4 /* U */
|
||||
#define kAsanHeapOverrun -5 /* O */
|
||||
#define kAsanGlobalOverrun -6 /* O */
|
||||
#define kAsanGlobalUnregistered -7 /* G */
|
||||
#define kAsanStackUnderrun -8 /* U */
|
||||
#define kAsanStackOverrun -9 /* O */
|
||||
#define kAsanAllocaUnderrun -10 /* U */
|
||||
#define kAsanAllocaOverrun -11 /* O */
|
||||
#define kAsanUnscoped -12 /* S */
|
||||
#define kAsanUnmapped -13 /* M */
|
||||
#define kAsanProtected -14 /* P */
|
||||
#define kAsanStackGuard -15 /* _ */
|
||||
#define kAsanNullPage -16
|
||||
#define kAsanScale 3
|
||||
#define kAsanMagic 0x7fff8000
|
||||
#define kAsanNullPage -1 /* ∅ 0xff */
|
||||
#define kAsanProtected -2 /* P 0xfe */
|
||||
#define kAsanHeapFree -3 /* F 0xfd */
|
||||
#define kAsanHeapRelocated -4 /* R 0xfc */
|
||||
#define kAsanAllocaOverrun -5 /* 𝑂 0xfb */
|
||||
#define kAsanHeapUnderrun -6 /* U 0xfa */
|
||||
#define kAsanHeapOverrun -7 /* O 0xf9 */
|
||||
#define kAsanStackUnscoped -8 /* s 0xf8 */
|
||||
#define kAsanStackOverflow -9 /* ! 0xf7 */
|
||||
#define kAsanGlobalOrder -10 /* I 0xf6 */
|
||||
#define kAsanStackFree -11 /* r 0xf5 */
|
||||
#define kAsanStackPartial -12 /* p 0xf4 */
|
||||
#define kAsanStackOverrun -13 /* o 0xf3 */
|
||||
#define kAsanStackMiddle -14 /* m 0xf2 */
|
||||
#define kAsanStackUnderrun -15 /* u 0xf1 */
|
||||
#define kAsanAllocaUnderrun -16 /* 𝑈 0xf0 */
|
||||
#define kAsanUnmapped -17 /* M 0xef */
|
||||
#define kAsanGlobalRedzone -18 /* G 0xee */
|
||||
#define kAsanGlobalGone -19 /* 𝐺 0xed */
|
||||
|
||||
#define SHADOW(x) ((signed char *)(((uintptr_t)(x) >> kAsanScale) + kAsanMagic))
|
||||
#define UNSHADOW(x) ((void *)(((uintptr_t)(x) + 0x7fff8000) << 3))
|
||||
#define SHADOW(x) ((signed char *)(((intptr_t)(x) >> kAsanScale) + kAsanMagic))
|
||||
#define UNSHADOW(x) ((void *)(MAX(0, (intptr_t)(x)-kAsanMagic) << kAsanScale))
|
||||
|
||||
typedef void __asan_die_f(void);
|
||||
|
||||
struct AsanFault {
|
||||
char kind;
|
||||
signed char kind;
|
||||
signed char *shadow;
|
||||
};
|
||||
|
||||
void __asan_unpoison(uintptr_t, size_t);
|
||||
extern bool __asan_noreentry;
|
||||
|
||||
void __asan_unpoison(long, long);
|
||||
void __asan_poison(long, long, signed char);
|
||||
void __asan_verify(const void *, size_t);
|
||||
void __asan_map_shadow(uintptr_t, size_t);
|
||||
void __asan_poison(uintptr_t, size_t, int);
|
||||
bool __asan_is_valid(const void *, size_t);
|
||||
bool __asan_is_valid_strlist(char *const *);
|
||||
bool __asan_is_valid_iov(const struct iovec *, int);
|
||||
struct AsanFault __asan_check(const void *, size_t);
|
||||
void __asan_report_memory_fault(void *, int, const char *) wontreturn;
|
||||
void __asan_report(void *, int, const char *, char) wontreturn;
|
||||
void *__asan_memalign(size_t, size_t);
|
||||
bool __asan_is_valid(const void *, long) nosideeffect;
|
||||
bool __asan_is_valid_strlist(char *const *) strlenesque;
|
||||
bool __asan_is_valid_iov(const struct iovec *, int) nosideeffect;
|
||||
wint_t __asan_symbolize_access_poison(signed char) pureconst;
|
||||
const char *__asan_describe_access_poison(signed char) pureconst;
|
||||
struct AsanFault __asan_check(const void *, long) nosideeffect;
|
||||
|
||||
void __asan_free(void *);
|
||||
void *__asan_malloc(size_t);
|
||||
int __asan_malloc_trim(size_t);
|
||||
int __asan_print_trace(void *);
|
||||
void *__asan_calloc(size_t, size_t);
|
||||
void *__asan_realloc(void *, size_t);
|
||||
void *__asan_memalign(size_t, size_t);
|
||||
size_t __asan_get_heap_size(const void *);
|
||||
void *__asan_realloc_in_place(void *, size_t);
|
||||
void *__asan_valloc(size_t);
|
||||
void *__asan_pvalloc(size_t);
|
||||
int __asan_malloc_trim(size_t);
|
||||
void __asan_die(const char *) wontreturn;
|
||||
|
||||
#endif /* COSMOPOLITAN_LIBC_INTRIN_ASAN_H_ */
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue